MIGRATING TO WINDOWS 11 IN THE ENTERPRISE: WHAT YOU NEED TO KNOW

A man sitting against a wall looking down at a laptop

Windows 11 was released several years ago and is the most reliable and secure edition of the operating system released so far. However, many enterprises continue to use Windows 10 because they are hesitant to disrupt user workflows and have concerns about potential compatibility issues.

The good news is that Windows 11 can be delivered as an in-place upgrade for Windows 10 devices, and Microsoft reports that 99.6% of customer applications are compatible. Since Microsoft plans to end mainstream support for Windows 10 in October of 2025, now might be a good time to plan a migration to Windows 11.

If organizations wish to remain supported with critical patches, the options are to upgrade to Windows 11 now or pay for “Extended Support Updates” (ESU) via an annual subscription, which will be available for purchase this October. An ESU license will also be an option for devices that cannot be upgraded, but they still won’t receive technical support.

Read on for our best tips to plan a migration to Windows 11, and how AHEAD can help you roll out the new operating system.

How Enterprises Can Prepare for a Migration to Windows 11

Here are our recommendations for planning a Windows 11 migration:

  • Assess hardware and driver readiness to ensure devices are compatible with Windows 11 and will be able to upgrade in place. Some potential compatibility issues include devices with older generation TPM or legacy BIOS. Devices running a 32-bit OS will also need to be wiped and reloaded with a 64-bit OS during migration.
  • Test application compatibility to validate that business-critical software will work on the new operating system. Almost all applications are compatible with Windows 11, but we recommend conducting a pilot deployment for applications that haven’t been tested yet. Potential areas to test include application execution, window resizing, multi-monitor and dock support, and more.
  • Review your security baseline policy for Windows devices and re-evaluate them against Microsoft recommendations and industry standards. Microsoft has recently published an updated security baseline that replaces the previous November 2021 baseline.
  • Update administrative templates to expose any new Windows 11 features available for configuration. While the administrative templates are automatically updated in Microsoft Intune, enterprises with devices still joined to an on-premises Windows Server Active Directory will need to manually update to the latest administrative template in their group policy central store.
  • Review group policies to ensure they’re still relevant and evaluate any new enhancements or new configurations made available via Windows 11 administrative templates.
  • Prepare device management solutions to transition to deploying and managing Windows 11 devices. Cloud-based device management solutions for Windows endpoints (such as Microsoft Intune) will automatically support Windows 11 clients, but many on-premises or self-hosted solutions (such as Microsoft Configuration Manager) will need to be upgraded manually.
  • Check endpoint security solutions for compatibility with Windows 11. This includes tools such as antivirus, endpoint detection and response, endpoint privilege management, password managers, Secure-Access-Service-Edge (SASE) solutions, and more.
  • Establish a disk encryption plan if you’re using a third-party disk encryption based on guidance from the software vendor. You don’t need to do anything if you’re using BitLocker — Microsoft’s native disk encryption solution — and will be performing in-place upgrades, but you will also need a plan for Windows 10 devices that need to be wiped and reloaded.
  • Procure and deploy Windows 11 licensing for existing devices, and consider ordering devices from your hardware OEM with Windows 11 Pro licenses and upgrading them to the enterprise license via subscription activation options. We recommend a Windows 11 Enterprise license for most organizations because of its additional features and security enhancements.

Windows 11 Migration with AHEAD

If preparing for an enterprise-wide Windows 11 migration is overwhelming, AHEAD can help you plan and roll out a full deployment strategy. We’re a strategic partner with Microsoft and hold more than 130 individual technical certifications for Azure, Microsoft 365, and other Microsoft-related technologies as well as an Advanced Specialization for Modernize Endpoints.

More specifically, AHEAD can help you create a deployment plan that includes a staged rollout to users in waves. Implementing a centralized issue tracking system and defining success criteria to adhere to can help you execute a Windows 11 migration smoothly. If results begin dropping below a reasonable success threshold, you can halt the migration and IT support teams can address any issues that arise and adjust Windows 11 configurations as necessary.

Contact AHEAD to learn more about migrating to Windows 11.

About the author

Mike Shellenberger

Senior Solutions Architect

Mike Shellenberger is a Microsoft 365-certified Specialty Solutions Engineer based in Lititz, Pennsylvania. With 20+ years of experience focusing on Microsoft Endpoint Solutions, Digital Employee Experience platforms, and Microsoft Surface devices, Mike is a leading expert on all things Microsoft at AHEAD.

SUBSCRIBE
Subscribe to the AHEAD I/O Newsletter for a periodic digest of all things apps, opps, and infrastructure.
This site is protected by reCAPTCHA and the Google Privacy Policy and Terms of Service apply.